Vigil@nce: Windows, code execution via Bluetooth
June 2008 by Vigil@nce
An attacker can send several Bluetooth packets in order to execute
code on the system.
– Gravity: 3/4
– Consequences: user access/rights
– Provenance: physical access
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 11/06/2008
– Identifier: VIGILANCE-VUL-7884
IMPACTED PRODUCTS
– Microsoft Windows Vista [confidential versions]
– Microsoft Windows XP [confidential versions]
DESCRIPTION
Windows supports Bluetooth to exchange data with external devices.
The SDP (Service Discovery Protocol) protocol detects devices and
their services.
When the Bluetooth stack of Windows receives several SDP packets,
and internal error occurs. This error leads to code execution.
A near attacker can therefore send several Bluetooth packets in
order to execute code on the system.
CHARACTERISTICS
– Identifiers: 951376, CVE-2008-1453, MS08-030, VIGILANCE-VUL-7884
– Url: https://vigilance.aql.fr/tree/1/7884